[CentOS] Re: IPTables Blocking Brute Forcers

Thu Nov 16 17:33:17 UTC 2006
Brian Marshall <brian at smiz.biz>

Sweeeet!

I'll give it a shot.

Thanks Mike.


> From: <mike.redan at bell.ca>
> Reply-To: CentOS mailing list <centos at centos.org>
> Date: Thu, 16 Nov 2006 12:18:00 -0500
> To: <centos at centos.org>
> Conversation: [CentOS] Re: IPTables Blocking Brute Forcers
> Subject: RE: [CentOS] Re: IPTables Blocking Brute Forcers
> 
> You could try something like this:
> 
> http://freshmeat.net/projects/blocksshd/
> 
>> From there readme:
> BlockSSHD is a Perl script based on BruteForceBlocker v1.2.3 that
> dynamically 
> adds IPTables rules for Linux and pf firewall rules for BSD that block
> SSH 
> brute force attacks.  It can also detect ProFTPd login failures.
> 
> Cheers,
> Mike
> 
> -----Original Message-----
> From: centos-bounces at centos.org [mailto:centos-bounces at centos.org] On
> Behalf Of Brian Marshall
> Sent: November 16, 2006 12:10 PM
> To: CentOS mailing list
> Subject: [CentOS] Re: IPTables Blocking Brute Forcers
> 
> 
> Hi All,
> 
> So I have a series of funny guys that are constantly trying to brute
> force my FTP server. They are always in China, India or Japan, of
> course.
> 
> Unfortunately my clients do exchange emails with some people in China
> and Japan so I can't just block off the entire region (as much as I'd
> love to).
> 
> Does anyone have suggestions on how I can script IPTables or put some
> other security measure in place that could detect brute-forcing and
> reject from their IP?
> 
> Thanks
> 
> 
> 
> _______________________________________________
> CentOS mailing list
> CentOS at centos.org http://lists.centos.org/mailman/listinfo/centos
> _______________________________________________
> CentOS mailing list
> CentOS at centos.org
> http://lists.centos.org/mailman/listinfo/centos